Slashdot Mirror
Blocking Steganosonic Data In Phone Calls
psyced writes "Steganography is a technique to encode secret messages in the background noise of an audio recording or photograph. There have been attempts at steganalysis in the past, but scientists at FH St. Pölten are developing strategies to block out secret data in VoIP and even GSM phone calls by preemptively modifying background noise (link is to a Google translation of the German original) on a level that stays inaudible or invisible, yet destroys any message encoded within. I wonder if this method could be applied to hiding messages in executables, too."
I wonder if we will ever have widespread end-to-end encryption for all of our private communication, so that "service providers" cannot mess with our actual message and/or data stream. I guess there will always be someone making a profit by preventing this on a legal level, sadly. When will the "mindless consumer" finally wake up and kick the government that allows all this?
Maybe they will use the foreground noise -- for example, they could alter the pitch of the speaking voice to precisely fall into certain discrete frequency ranges, and then they occasionally bump a couple of samples into an 'unused' range and use those as a simple binary encoding of the secret data.
If they use enough discrete frequency ranges, the general tone of the speaker's vioce won't be noticeably different and the occasional minor shifts in frequency for the encoded data will hardly stand out.
That is just one example that I literally thought up in 30 seconds. I'm sure someone who was really concentrating could come up with much better ways to defeat the described countermeasures.
When information is power, privacy is freedom.
More likely, the people with secrets would just use some other method to communicate them.
Given that this project is (according to TFA) partnered by the Ministry of Defence, this smells to me like someone spending a lot of money defending against a non-existent threat. What's the betting they used the magic word "terrorism" in their grant application?
Data can only be defined as varying bits of a defined pattern. So if the pattern is defined as 'a bunch of numbers that are either 0s or 1s', then the data stored within it is defined as varying the positions of 0s and 1s.
Obscuring data equals obscuring the patterns. So, to obscure the data within a 0 and 1 pattern, you might switch around the 0s and 1s.
For a message embedded in the background noise in a phone call, data may be modulated as 'loudness of background noise within a certain frequency range' or whatever. Obscuring this would be to add random data in the frequency range or whatever.
But that actually takes knowledge of the pattern used. If the pattern is rather the speaker knocking on a table, then any method designed to obscure background noise wouldn't register it or obscure it. It's similar to a scrambling technique that randomizes the 0s and 1s on a diskette sent in the post, while the actual message may be morse code holes punched in the plastic.
Conclusion: To void steganographic data, you need to know the method used to embed it.
(More) deniability.
I'm sure someone will correct me if I have missed something, but it seems to me that the desire by some to hide irremovable watermarks within digital streams is a similar technical challenge to adding steganographic content. Similarly, those attempting to destroy watermarks will face the same problems as those wishing to remove or destroy steganographic content.
The interesting thing is who is on which side of the battle.
Generally it's corporations who like the idea of watermarks, and individuals who don't. Individuals do however like steganography, but the authorities don't. It will be interesting to see who develops what technologies and who, if anyone, wins this arms race.
-- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz
If you want that, just post a one time pad code on a popular public website. I mean, that way people could post links to instructional manuals for covert materials creation for example and not get caught. Try to imagine the manpower involved to go through each lead.
I doubt the CIA will investigate every no carrier joke on slashdot, and if they di^H^H^H^H^H^ 01101000 01110100 01110100 01110000 00111010 00101111 00101111 01110111 01110111 01110111 00101110 01111001 01101111 01110101 01110100 01110101 01100010 01100101 00101110 01100011 01101111 01101101 00101111 01110111 01100001 01110100 01100011 01101000 00111111 01110110 00111101 00101101 01011000 01101110 00111001 00110100 01100110 01110001 00111000 01000011 01010101 01101011 ^H^H NO CARRIER
---- Liquid was a patriot ----
It's against the people itself. It's propaganda to keep the "terror" alive in memory, generating visions of terrorist so advanced we have to process and inspect all telecommunication, so you can feel safe.
Please, have a look at this documentary: The century of the self.
I think we can keep recursing like this until someone returns 1
Because, they can tell when you send an encrypted e-mail.
The whole point of steganography is to embed the secret message in something you broadcast in the clear, and have nobody be any the wiser that you are, in fact, sending hidden data. You give up your covertness when you observably send something secret. If nobody knows you sent it, they're not looking for it. They just think you were talking about your aunt's petunias.
Think of it as analogous to fieldcraft for spies -- you're supposed to be able to do something completely innocuous so that they can't ever confirm that you've actually done something nefarious.
This system is trying to preemptively just eliminate the ability to send something embedded in a clear-channel communication. Basically, take away your ability to send an encrypted sub-channel in your normal conversation.
Cheers
Lost at C:>. Found at C.